Current threats do not only concern tanks and missiles. Western societies are heavily dependent on digital networks. IT-specialists from 38 countries are now training in Tallinn, to sharpen skills on how to defend against cyberattacks.
Locked Shields, dubbed the world's largest cyberdefense exercise, kicked off in Tallinn on April 18. "This past year has shown us how important strength in cyberdefense is", Minister of Defense Hanno Pevkur (Reform) said. "Ukraine has strong digital competences, and that has meant that their state can keep delivering essential digital services, even during wartime."
Under the auspices of the Tallinn-based NATO Cooperative Cyber Defense Center of Excellence (CCDCOE), more than 3,000 IT-specialists from many NATO and associated nations are attempting to find out just how locked the shields actually are, once under cyberattack.
For this annual NATO exercise, the CCDCOE set up a Cyber Range, a server-based environment simulating critical infrastructure. Networks within such a range are based on the real world, connected to each, though not to the internet and linked via a secure system.
The attention to detail even goes as far as having a mock-up social media network akin to Twitter and other well-known platforms, via which disinformation can be spread, by influencers and others, and combated, and media titles pertaining to the two fictional states which make up the scenario – two islands located in the mid-Atlantic, somewhat south of the real Iceland, and named Berylia and Crimsonia.
Even the legal aspect is covered - participants must follow domestic and international law conventions and their team will lose points when they do not. Given the large number of nationalities involved, competitors' own home country's legal systems (bearing in mind they all come from NATO or NATO-friendly democracies) are the framework they operate in.
The over 3,000 participants are divided into two teams – red and blue, to respond to the friendly democracy Berylia, under cyberattack from Crimsonia.
World's largest cyber defence exercise #LockedShields begins ️— NATO (@NATO) April 18, 2023
Over 3,000 participants from 38 nations are taking part in the #NATO @ccdcoe exercise, which involves protecting real computer systems from real-time attacks
More info: https://t.co/z1uAklzexq pic.twitter.com/4CriZrpDsa
The red team's task is to launch attacks on critical infrastructure such as water- or energy-supply networks, whereas the blue team has to defend their systems in real-time. Offensive as well as defensive modes equate to those applied in the real world.
Defenders train tactical and strategical decision-making in critical situations. In addition to defending systems, teams must report incidents, execute strategic decisions, and, as noted, resolve forensic, legal, and media challenges – as in a real-world scenario.
Locked Shields 2023, largest annual intl cyber defense exercise, now underway in Tallinn! Exciting to see 24 "blue" teams from 38 nations including seek to fend off "red" team attacks in a "live fire" cyber range. Thanks to NATO's CCDCOE for hosting. #StrongerTogether pic.twitter.com/JVjHsOQ2Nb— Ambassador George P. Kent (@USAmbEstonia) April 19, 2023
"Locked Shields thus focuses not only on cyberdefense, but also on strategy games, legal issues, and crisis communication", CCDCOE-director Mart Noorma said.
One difference from the real world is that the teams are competing for points and not for the well-being of millions of people worldwide, of course, but the simulation is as close to reality as can be achieved.
The project is volunteer-based, with hundreds involved across sites in central Tallinn, and most participants are selected on the basis of their computer security and related skills.
The victors, i.e. the team that scored the most points, are based on entrant nation – last year's winner was Finland.
In order to ensure continuity, around two-thirds of those taking part are returnees, who also help to oversee the remaining third, who are newcomers to Locked Shields.
The event runs to Friday.
Founded in 2008, the CCDCOE is a NATO-accredited knowledge hub, think tank and training facility which focuses on interdisciplinary research and development, as well as training courses and exercises in the field of cyber security.
It is staffed by international experts, including legal scholars, policy and strategy experts as well as technology researchers with military, government and industry backgrounds, among others.
Editor: Michael Richmann, Andrew Whyte